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Intrusion detector. 
Intrusionsmelder . 
Detecteur d ' intrusion . 
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ABSTRACT EP 645644 Al 

A security device for protecting a protected area (110) comprises two 
laser ref lectometer detectors (100) . Each detector (100) produces an area 
swept laser beam (102) aligned to sweep an area outside the protected 
area and has a time-of-f light detector for detecting reflections by 
objects in the path of the laser beam outside the protected area, (see 
image in original document) 

ABSTRACT WORD COUNT: 62 


LEGAL STATUS (Type, Pub Date, Kind, Text) : 
Application: 950329 Al Published application (Alwith Search Report 

;A2 without Search Report) 
Examination: 951025 Al Date of filing of request for examination: 

950830 

Withdrawal: 970416 Al Date on which the European patent application 

was withdrawn: 970217 
LANGUAGE ( Publication, Procedural, Application) : English; English; English 
FULLTEXT AVAILABILITY: 

Available Text Language Update Word Count 

CLAIMS A (English) EPAB95 328 

SPEC A (English) EPAB95 1545 
Total word count - document A 1873 
Total word count - document B 0 
Total word count - documents A + B 1873 

...SPECIFICATION fixed and moving objects, is displayed to an operator. 
Thus, the present invention provides comprehensive intrusion 
detection in the vicinity of a protected zone and accomplishes the task 
using only a minimum number of components . The system is 
particularly adept for protecting soldiers' quarters in the field, since 
it is easy to . . . 
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ABSTRACT EP 520770 A2 

An in-band/out-of-band alert delivery system for a computer system 
manager includes an alert log which maintains a record of alerts to be 
delivered and the status of those alerts, an alert manager for making a 
first attempt to deliver each alert, and a retry manager for making 
subsequent attempts to deliver alerts as becomes necessary and 
appropriate. The alert delivery system may also include a bus master 
interface manager for making in-band alert deliveries and a 
communications manager for making out-of-band alert deliveries. Telephone 
numbers are provided to the communications manager by an alert 
destination list. Out-of-band alert deliveries may be made via a modem, a 
universal asynchronous receiver transmitter, or the like, (see image in 
original document) 
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..SPECIFICATION of related art section above, so as to provide enhanced 
hardware management capabilities. Because these various components 
are discussed in detail in other of the related cases referenced above, 
they will not . . . 

..to the modem or asynchronous interface of the system manager can be made 
to require security checks before access is allowed. The final 
component of the management system listed above, configuration 
support, involves configuring the 32-Bit intelligent Bus Master EISA 
board into. . . 
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UNIVERSAL, CUSTOMIZABLE SECURITY SYSTEM FOR COMPUTERS AND OTHER DEVICES 
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Main International Patent Class: H04L-009/32 

Publication Language: English 

Filing Language: English 

Fulltext Availability: 
Detailed Description 
Claims 

Fulltext Word Count: 6457 
English Abstract 

A universal, customizable computer security system (50) including a set 
of security input signals (52) each relating to a possible security event 
and a rules engine (72) with a universal software interface (74) 
responsive to the security input signals (54-70). The rules engine (72) 
is configurable to perform one or more security actions (76-92) in 
response to each security input signal (54-70). The rules engine (72) 
further includes a user interface program (94) to allow a user to select 
one or more customized security actions for a combination of one or more 
chosen security input signals (54-70) and a universal software output 
interface (75) responsive to the selected security actions (76-92) . 

French Abstract 

L' invention concerne un systeme de securite informatique personnalisable 
(50), universel, faisant intervenir une serie de signaux d'entree (52) de 
securite se rapportant chacun a un evenement de securite possible et un 
moteur de regies (72) avec une interface logicielle universelle (74) 
sensible aux signaux d'entree (54-70) de securite. Le moteur de regies 
(72) peut etre configure pour effectuer une ou plusieurs actions de 
securite (76-92) en reponse a chaque signal d'entree (54-70) de securite. 
Le moteur de regies (72) comprend egalement un programme d 1 interface 
utilisateur (94) permettant a un utilisateur de selectionner une ou 


plusieurs actions de securite personnalisees pour une combinaison d'un ou 
plusieurs signaux d 1 entree (54-70) de securite choisis et une interface 
de sortie logicielle universelle (75) sensible aux actions de securite 
(76-92) select ionnees . 

Legal Status (Type, Date, Text) 

Publication 20021031 Al With international search report. 

Publication 20021031 Al Before the expiration of the time limit for 

amending the claims and to be republished in the 
event of the receipt of amendments. 

Main International Patent Class: H04L-009/32 
Fulltext Availability: 
Detailed Description 

Detailed Description 

... rules. Rules engine 72 is in essence a "language" which allows 
querying the state of various components registered to security 
system 50 and reacts to the status in a way defined by the user or the 
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SYSTEM AND METHOD FOR MANAGING A DEVICE NETWORK 

SYSTEME ET PROCEDE DE GESTION D ! UN RESEAU DE DISPOSITIFS 
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(OA) BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG 

(AP) GH GM KE LS MW MZ SD SL SZ TZ UG ZM ZW 

(EA) AM AZ BY KG KZ MD RU TJ TM 
Main International Patent Class: G06F-015/173 
International Patent Class: G06F-015/16 
Publication Language: English 
Filing Language: English 
Fulltext Availability: 

Detailed Description 

Claims 

Fulltext Word Count: 1084 9 
English Abstract 

A system and method for managing a distributed data processing network 
are provided. A distributed network environment is configured such that 


monitoring and control devices are associated with device servers in a 
secure subnet. Each device server connects with a premises server. 
According to the present invention, a client computing device utilizing a 
WWW browser employs a communication protocol to pass commands to device 
servers and devices through the premises server. In another aspect of the 
present invention, a distributed computing environment allows multiple 
device servers to cumulatively process data collected from cameras, 
sensors, and other attached devices and provide a common computing 
platform and user interface. 

French Abstract 

L 1 invention concerne un systeme et un procede destines a gerer un reseau 
de traitement de donnees. Un environnement de reseau reparti est concu de 
facon que des dispositifs de surveillance et de controle soient associes 
a des serveurs de dispositifs dans un sous-reseau securise. Chaque 
serveur de dispositif est connecte a un serveur local. Selon la presente 
invention, un dispositif de calcul client utilisant un navigateur Web 
fait intervenir un protocole de communication pour passer des commandes 
aux serveurs de dispositifs et aux dispositifs par 1 1 intermediaire du 
serveur local. Dans un autre aspect de la presente invention, un 
environnement de calcul reparti permet a plusieurs serveurs de 
dispositifs de traiter de maniere cumulative des donnees recueillies a 
partir de cameras, de detecteurs et d f autres dispositifs associes, et de 
fournir une plateforme de calcul commune ainsi qu'une interface 
utilisateur . 

Legal Status (Type, Date, Text) 

Publication 20021017 Al With international search report. 

Examination 20030220 Request for preliminary examination prior to end of 

19th month from priority date 

Fulltext Availability: 
Detailed Description 

Detailed Description 

... of the user. While the system of the present invention is utilized to 
integrate traditional security monitoring functions, it is also 
utilized to integrate any information input in a like manner. 

With reference to FIGURE 2, the integrated information system 30 
includes a premises server 32 that functions as a communication gateway 
between various monitoring devices 36 and control devices 38 and the 
integrated information system 30. 

The premises server 32... 
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Publication Language: English 
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Fulltext Availability: 

Detailed Description 

Claims 

Fulltext Word Count: 12566 
English Abstract 

An integrated, easily upgradeable networking device (110) capable of 
interfacing with different types of networks (105a, 105b, 105c, 105d) 
while still providing high performance networking functionalities such as 
protocol conversion, security maintenance, and inter/intra-network 
management within an enterprise environment is described. The device 
(110) may perform various networking functions within an enterprise and 
is easily adaptable to perform both inter-networking functions as well as 
intra-networking functions. 
French Abstract 

L 1 invention concerne un dispositif de reseautage integre (110) facilement 
extensible pouvant faire interface avec differents types de reseaux 
(105a, 105b, 105c, 105d) tout en conservant des f onctionnalites de 
reseautage a hautes performances, notamment en termes de conversion de 
protocole, de maintien de securite et de gestion 

d ! interreseau/intrareseau dans un environnement d f entreprise . Ce 
dispositif (110) peut executer diverses fonctions de reseautage au sein 
d'une entreprise. II est facilement adaptable en vue de 1' execution de 
fonctions d 1 interreseautage ou d ? intrareseautage . 

Legal Status (Type, Date, Text) 

Publication 20020627 Al With international search report. 

Publication 20020627 Al Before the expiration of the time limit for 

amending the claims and to be republished in the 
event of the receipt of amendments. 

Main International Patent Class: G06F-011/30 
...International Patent Class: H04L-009/00 ... 

. . . H04L-009/32 

Fulltext Availability: 
Detailed Description 

Detailed Description 

components to function properly as well as coordinates and supervises 
the activities perfonned by the components . The system processor 215 
may upgrade software and tables stored within the various components 
or devices on an attached network. Additionally, the system processor 21 
5 may coordinate with. . . 
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SYSTEM AND METHOD FOR IMPLEMENTING OPEN- PROTOCOL REMOTE DEVICE CONTROL 
SYSTEMS ET PROCEDE PERMETTANT DE METTRE EN OEUVRE UNE COMMANDE DE 
DISPOSITIF ELOIGNS A PROTOCOLE OUVERT 
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Detailed Description 

Claims 

Fulltext Word Count: 8214 
English Abstract 

A system and method for implementing open-protocol remote device control 
(224) are provided. A user accesses a common user interface for 
controlling one or more networked devices. Utilizing the interface, the 
user selects one or more actions. The selection is encoded in a standard 
protocol and transmitted to a premises server (202) . The premises server 
(202) obtains the selection, accesses a device interface database and 
translates the selection into a device-specific protocol. The translated 
instruction is transmitted to the selected device for implementation. The 
user interface then obtains any device return data for display on the 
user interface. 

French Abstract 

L 1 invention porte sur un systeme et un procede permettant de mettre en 
oeuvre une commande (224) de dispositif eloigne a protocole ouvert . Un 
utilisateur accede a une interface utilisateur commune pour commander un 
ou plusieurs dispositifs en reseau. L 1 utilisateur selectionne une ou 
plusieurs actions par 1 1 intermediaire de 1' interface. La selection est 
codee dans un protocole standard, puis transmise a un serveur de locaux 
(202) . Ce serveur de locaux (202) recoit la selection, accede a une base 
de donnees de 1' interface du dispositif et traduit la selection dans un 


protocole specifique au dispositif. L 1 instruction ainsi traduite est 
transmise au dispositif selectionne pour etre appliquee. L 1 interface 
utilisateur recoit ensuite des donnees retour quelconques du dispositif 
en vue d ! un affichage sur 1 ! interface utilisateur. 
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Detailed Description 

Detailed Description 
... 238. 

Although illustrative embodiments of the present invention have been 
described with regard to an integrated infon-nation system 200 
configured for security monitoring , the present invention is not 
limited to such an implementation. Any networked device capable of... 

...network, in which a dedicated device server is utilized, 

The present invention facilitates use of multiple , dissimilar devices 
by providin 
• 9 

standard interface templates. Additionally, by establishing a dedicated 
communication channel with the. . . 
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English Abstract 

A system and method for implementing a configurable security monitor 
utilizing an integrated information portal. A premises server (32) is in 
communication with a variety of information sources (34, 36) that produce 
monitoring data for a defined monitoring target, such as a premises. The 
premises server (32) transmits the monitoring data to a central server 
(56) that receives the data and traverses one or more logical rule sets 
to determine whether the inputted data violates the rules. The rules are 
generally specified by a user, such as a system administrator to define 
the level of monitoring desired and an appropriate response in the 
evaluation of the monitoring data against the rule. Based on an 
evaluation of the rules, the central server then generates outputs in the 
form of communication to one or more authorized users via a variety of 
communication mediums and devices and/or the instigation of a variety of 
acts . 

French Abstract 

L 1 invention porte sur un systeme et un procede de mise en oeuvre d'un 
surveillant de securite utilisant un portail integre d 1 informations . Un 
serveur (32) de locaux, en communication avec diverses sources (34, 36) 


d 1 information produit des donnees de surveillance relatives a une cible a 
surveiller definie telle qu'un local, et les transmet a un serveur (56) 
central qui, les recevant, parcourt un ou plusieurs ensembles de regies 
logiques pour determiner si les donnees entrees violent ou non les 
regies. Les regies sont generalement indiquees par un utilisateur, par 
exemple un administrateur du systeme, pour definir le niveau de suivi 
desire et la reponse appropriee a l 1 evaluation des donnees de suivi 
violant la regie. Se basant sur l 1 evaluation des regies, le serveur 
central cree alors des donnees de sortie sous la forme de communications 
a destination d ! un ou plusieurs utilisateurs autorises via divers 
supports et dispositifs de communication et/ou d ! instigation de divers 
actes . 
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... sensors and/or video cameras within the premises. 

While the conventional art generally discloses utilizing multiple 
monitoring devices to perform various functions, conventional systems 
are deficient in having a lack of data management functionality and 
integration. Security data from different monitoring device types is 
generally not integrated to affect the system reporting and -I 
control. Instead' the conventional security system is 
built around independent standalone devices... 
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English Abstract 

A system and method for implementing an integrated information system is 
provided. A premises server (32) is in communication with a variety of 
information sources that produce monitoring data for a premises. The 
premises server collects, presents, and transmits the monitoring device 
data to a central server (56) over the Internet (20) . Where the central 
server is capable of processing data from multiple premises servers. The 
central server receives the data and traverses one or more logical rule 
sets to determine whether thw inputted data violates the rules. Based on 
an evaluation of the rules, the central server generates output in the 
form of communication to one or more authorized users via a variety of 
communication mediums and devices and/or the instigation of a variety of 
acts corresponding to the evaluation of the rules. 

French Abstract 

L 1 invention concerne un systeme et un procede concus pour mettre en 
oeuvre un systeme d ' information integre. Un serveur de local (32) est en 
communication avec diverses sources d 1 information qui produisent des 
donnees de surveillance pour un local. Le serveur de local recueille, 
presente et transmet les donnees du dispositif de surveillance a un 
serveur central (56) sur 1 1 Internet (20). Ledit serveur central peut 
traiter des donnees provenant d'une pluralite de serveurs de locaux. II 
recoit les donnees et parcourt au moins un ensemble de regies logiques 
pour determiner si les donnees introduites violent ces regies. Sur la 
base de l 1 evaluation des regies, le serveur central produit des sorties 
sous la forme de communications a destination d'au moins un utilisateur 
autorise par le biais de divers supports et dispositifs de communication 
et/ou la demande de diverses actions correspondant a 1' evaluation des 
regies . 
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Detailed Description 

... and/or video cameras withi n the premises. 

While the conventional art generally discloses utilizing multiple 
monitoring devices to perform various functions, conventional systems 
are deficient in data management functionality and integration. Security 

data from different monitoring device types is generally not 
integrated to affect the system reporting and control. 

Instead, the conventional security system is built around independent 
stand-alone devices... 
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English Abstract 

A system and method for configuring an integrated information system 


(200) through a common user interface are provided. A user acces a 
graphical user interface and selects client, premises, location, 
monitoring device (206), and processing rule information . The graphical 
user interface (414) transmits the user selection to a processing server, 
which configures one or more monitoring devices according to the user 
selections . 

French Abstract 

L 1 invention porte sur un systeme et sur un procede de configuration d f un 
systeme d 1 informations integre par 1 1 intermediaire d f une interface 
utilisateur commune. Un utilisateur accede a une interface graphique et 
selectionne un client, des locaux, un dispositif de controle et des 
informations relatives aux regies de traitement. L f interface utilisateur 
graphique transmet la selection utilisateur a un serveur de traitement 
qui configure un ou plusieurs dispositifs de controle conformement aux 
selections utilisateur. 
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Detailed Description 

... sensors and/or video cameras within the premises. 

While the conventional art generally discloses utilizing multiple 
monitoring devices to perfon'n various functions, conventional systems 
are deficient in data management functionality and integration. Security 

data from different monitoring device types is generally not 
integrated to affect the system reporting and control. 

Instead, the conventional security system is built around independent 
stand-alone devices... 
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English Abstract 

The invention relates to providing enhancements automatically to 
computer security software whenever the enhancement becomes available. 
The invention also relates to providing automatically an update to 
computer security software and integrating the update into the software. 

French Abstract 

L 1 invention concerne des ameliorations apportees automatiquement a un 
logiciel de securite informatique lorsque celles-ci sont disponibles. 
L 1 invention concerne egalement une mise a jour automatique d'un logiciel 
de securite informatique, et 1 1 integration de cette mise a jour dans 
ledit logiciel. 

Fulltext Availability: 
Detailed Description 

Detailed Description 

... application responsible for receiving the software enhancements. 

In another aspect, the invention relates to an integrated system for 
assessing vulnerabilities . The integrated system includes a 
database of security vulnerabilities and various modules . A first 
module accesses the database and assesses security vulnerabilities 

of an operating system of a computer. A second module accesses the 
database and assesses ... source code. 


An Intefzrated Security System 

The database of security vulnerabilities is part of an integrated 
system that provides a secure operating environment. The disclosed 
invention is an integrated system for assessing computer security 


vulnerabilities The integrated system includes a database of 
security vulnerabilities and various modules . A first module accesses 
the database and assesses security vulnerabilities of an operating 
system of a computer. A second module accesses the database and assesses 
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English Abstract 

In one aspect, the invention relates to automatically providing 
enhancements to computer security software whenever the enhancement 
becomes available. In another aspect, the invention relates to an 
integrated system for assessing security vulnerabilities of a computer 
and/or a computer network. 

French Abstract 

Un aspect de cette invention concerne l'ajout automatique 
d ! ameliorations a des logiciels de securite informatique chaque fois que 
1 1 amelioration devient disponible. Un autre aspect de 1' invention 
concerne un systeme integre qui evalue la vulnerabilite au niveau de la 
securite d'un ordinateur et/ou d ! un systeme informatique. 

Fulltext Availability: 
Detailed Description 

Detailed Description 
source code . 

An Integrated Security System 

The database of security vulnerabilities is part of an integrated 
system that provides a secure operating environment. The disclosed 
invention is an integrated system for assessing computer security 


vulnerabilities The integrated system includes a database of 
security vulnerabilities and various modules . A first module accesses 
the database and assesses security vulnerabilities of an operating 
system of a computer. A second module accesses the database and assesses 


V 


File 347:JAPIO Oct 197 6-2 002/D^c (U^'at^d^ 0304 02 j - /' \ 

(c) 2003 .JPO .& JAPl6.'. V': : ' ...V'.V /rV- \- -,. ' • . r\ <' 
File 350:Derweat WPIX 1963-2003/UD, UM &UP=200329 

(c)' 2003 Thomson Derw^nt . 

? ds ' • ' .'*. ■ ' \ ">V<\ ^r : ^C^'\ .'■». 

Set Items Description \ ! . '..v 

51 261855 INTRUjS?.???? V ?-'6R ' /iN.TRUD.?,??? ? OR ATTACK?,??? ? OR PSEUDOATT- 

ACfC? • OR . VULNftRAB?* OR * H^tK?/?? ? ? ' OR CRACK???? ? OR MALICIOUS OR 
' UNAUTHORIZ? '.OR bMUTflB^l'sr' OR' INFILTRAT? .OR THREAT? 

52 61000 SECURITY 

53 2902 IDS 

54 18007 9 PENETRAT? OR BREACH? 

55 14829 S1:S4(3N) (TRACK? OR DETECT? "OR MONITOR? OR DISCERN? OR GAU- 

G??? ? OR EXPOS???? ? OR CHECK??? ? OR CHEQU??? ? OR DIAGNOS?- 
?? ?) 

56 1349 S1:S4 (3N) (SELFTEST? OR SELFDIAGNOS? OR DX OR PROBE? ? OR P- 

ROBING? OR ANALYST "OR ANALYZ? OR ANALYT? OR ASSESS????? ? OR - 
BIST) 

57 4469 S1:S4(3N) (EVALUAT? OR SENS?R? ? OR SENSING OR SENSE? ? OR - 

SCREEN?) 

58 342 NOC OR NETWORK?' ?( lWj'. (OPERATION? 1 OR OPN OR OPNS) (1W) (CEN- 

TER? ? OR CENTRE? ?)■ ' [ . 

59 1178 SOC OR SECURITY(IW) (OPERATION? ? OR OPN OR OPNS) (1W) (CENTE- 

R? ? OR CENTRE? ?) . 

510 2707521 SYSTEM? ? ■ 

511 41911 S10(3N) (INTEGRATED OR MASTER OR PRINCIPAL OR MAIN OR PARENT 

OR HIERARCH? OR TOPOLOG? OR : PRIMARY) 

512 10790 SUBSYSTEM? OR' SUB () SYSTEM? 

513 2104 S10(3N) (MULTI () (LAYER?. OR LEVEL? OR TIER? OR STACK? OR BRA- 

NCH?) OR MULTILAYER? OR MULTILEVEL? OR MULTITIER? OR MULTISTA- 
CK? OR MULTIBRANCH?) 

514 453 S10(3N) (MANY OR SEVERAL OR PLURALITY OR NUMEROUS OR MULTIP- 

LE OR MULTIPLICIT? OR MULTITUD? OR ADDITIONAL) (1W) (LAYER? OR - 
LEVEL? OR TIER? OR STACK? OR BRANCH?) 

515 11626 FIREWALL? OR FIRE () WALL? ? OR ROUTER? ? OR S3 

516 10 MULTIDEVICE? 

517 21851 (MANY OR SEVERAL OR PLURALITY OR NUMEROUS OR MULTIPLE OR M- 

ULTIPLICIT? OR MULTITUD? OR ADDITIONAL OR MULTI OR NUMBER OR - 
VARIOUS OR VARIETY) (1W) DEVICE? 

518 232 OUTSOURC? OR OUT ( ) SOURC??? ? 

519 0 S5:S7 (S)S8:S9 

520 133 S5:S7 (S) (S11:S14 OR SUBCOMPONENT? OR SUBMODULE? OR S10(3N)- 

(COMPONENT? OR MODULE?)) 

521 60360 (MANY OR SEVERAL OR PLURALITY OR NUMEROUS OR MULTIPLE OR M- 

ULTIPLICIT? OR MULTITUD? OR ADDITIONAL OR MULTI OR NUMBER OR - 
VARIOUS OR VARIETY) (1W) (COMPONENT? OR MODULE?) 


S22 

1 

S5:S7 AND S8:S9 


S23 

338 

S5:S7 AND (S11:S14 OR . SUBCOMPONENT? 

OR SUBMODULE? OR S10(3- 


N) (COMPONENT? OR MODULE?)) 


S24 

30 

S22:S23 AND (S15:S18 OR S21) 


S25 

138543 

IC= , G06F-013 I 


S26 

10581 

IC= , G06F-011/30 f 


S27 

24844 

IC= , H04L-009 ? 


S28 

47 

S25 AND S26 AND S27 


S29 

6 

S28 AND (S8:S9 OR S11:S14 OR S16:S18 

OR S21 OR SUBCOMPONEN- 


T? 

OR SUBMODULE? OR S10(3N) (COMPONENT? 

OR MODULE?) ) 

S30 

0 

S25 AND S26:S27 AND S8:S9 


S31 

180 

S25 AND S26:S27 AND (S11:S14 OR S21 

OR SUBCOMPONENT? OR SU- 


BMODULE? OR S10(3N) (COMPONENT? OR MODULE?)) 



S32 

40 

S25 AND S26:S27 AND S16:S18 

S33 

1 

S31 AND S32 

S34 

5970 

MC='T01-H07C5A' 

S35 

7005 

MC= , T01-J12C I 

S36 

505 

S34 AND S35 

S37 

1 

S36 AND S8:S9 

S38 

31 

S36 AND (S11:S14 OR S21 OR SUBCOMPONENT? OR SUBMODULE? 


S10(3N) (COMPONENT? OR MODULE? ) ) 

S39 

4 

S36 AND S16:S18 

S40 

9 

S38 AND S26:S27 

S41 

19 

S22:S23 AND (S16:S18 OR S21) 

S42 

38 

S29 OR S33 OR S37 OR S39:S41 

S43 

38 

IDPAT (sorted in duplicate/non-duplicate order) 

S44 

38 

ID PAT (primary/non-duplicate records only) 


44/9/4 (Item 4 from file: 350) 

DIALOG (R) File 350:Derwent WPIX 

(c) 2003 Thomson Derwent . All rts. reserv. 

014933715 **Image available** 
WPI Acc No: 2002-754424/200282 
XRPX Acc No: N02-594244 

Hierarchical management system implements encryption communication 

using SPD delivered from management device to VPN devices through relay 

management units 
Patent Assignee: MITSUBISHI ELECTRIC CORP (MITQ ) 
Number of Countries: 001 Number of Patents: 001 
Patent Family: 

Patent No Kind Date Applicat No Kind Date Week 

JP 2002261829 A 20020913 JP 200151345 A 20010227 200282 B 

Priority Applications (No Type Date) : JP 200151345 A 20010227 
Patent Details: 

Patent No Kind Lan Pg Main IPC Filing Notes 
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Abstract (Basic) : JP 2002261829 A 

NOVELTY - A management device (100) delivers security policy data • 
(SPD) to VPN devices (300-a - 300-y) through relay management units 
(200-a - 200-n) . The encryption communication is established using the 
SPD. 

DETAILED DESCRIPTION - An INDEPENDENT CLAIM is included for 
hierarchical management method. 

USE - Hierarchical management system . 

ADVANTAGE - Many VPN devices can be managed efficiently and 
reliably. 

DESCRIPTION OF DRAWING (S) - The figure shows the block diagram of 
hierarchical management system . (Drawing includes non-English 
language text) . 

Management device (100) 
Relay management units (200-a - 200-n) 
VPN devices (300-a - 300-y) 
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Abstract (Basic) : US 20020068984 Al 

NOVELTY - A user interface application is obtained corresponding to 
selected networked device to be manipulated. The operation information 
corresponding to the selected device is encoded according to a standard 
communication protocol instruction. The protocol instruction is then 
transmitted to a server and the output corresponding to the selected 
device is obtained. 

DETAILED DESCRIPTION - INDEPENDENT CLAIMS are included for the 
following : 

(1) Computer readable recorded medium storing networked device 
control program; 

(2) Computer system; and 

(3) Interface providing method. 

USE - For controlling networked devices such as security 
monitoring networked devices e.g. smoke, fire, carbon monoxide, 
window-access, glass break, motion and audio/video detectors, image 
capture device e.g. video camera, still camera, etc., microphone, 
finger print, facial, retinal or other biometric "identification 
devices, etc., through common, remote user interface. 

ADVANTAGE - Facilitate use of multiple , dissimilar devices , by 
providing standard interface templates. Mitigates unnecessary 
processing steps that impede the flow of communication. Allows 
increased scalability of the number of monitoring devices used in the 


integrated information system and controlled by common user 
interface, by providing dedicated communication channel. 

DESCRIPTION OF DRAWING (S) - The figure shows block diagram of 
Internet environment. 
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Abstract (Basic) : EP 1126655 Al 

NOVELTY - The method involves system components (SKl-SKn) 
having authentication characteristics (Kl-Kn) for hardware modules 
and/or further authentication or integrity assurance characteristics 
(Sl-Sn) for the software modules. A central test module (PM) connected 
to the system bus (SB) checks the authenticity characteristics and/or 
integrity assurance characteristics. An information module (IM) is 
connected to the test module to output its signals. 

USE - For authenticating hardware and software in a networked 
system. 

ADVANTAGE - The hardware/software system is protected against 
unauthorized manipulation. 

DESCRIPTION OF DRAWING (S) - The drawing shows a schematic 
representation of a system with components connected via a system 
bus 

system components (SKl-SKn) 
authentication characteristics (Kl-Kn) 
integrity assurance characteristics (Sl-Sn) 
information module (IM) 
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Abstract (Basic) : WO 200072171 Al 

NOVELTY - A local area network (LAN) (100) can connect user 
endpoint devices (102) and includes a telecommunication provider 
network connection device (104) connected to the Internet or other wide 
area network (WAN) (106) via a secure universal network appliance 
(SUNA) (108), performing filtering and encryption operations on \ 
transfers. One endpoint device can be connected directly to the SUNA \ 
and a network security operation center (110) may up-link 
encryption parameters to the SUNA, while transferring alarms to the 
connection device. The SUNA can be maintained and operated by trained 
computer security professionals. 

DETAILED DESCRIPTION - INDEPENDENT CLAIMS are included for a method- 
of controlling traffic between local and wide area networks. 

USE - Remote connection management and monitoring of message 
traffic between local and remote area networks. 

ADVANTAGE - Providing out - source management of communication 
security . 

DESCRIPTION OF DRAWING (S) - The drawing is a block diagram of an 
example system according to the invention 
LAN (100) 

Endpoint devices (102) 
Network connection device (104) 
WAN (106) 
SUNA (108) 

Security operation center (110) 
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Data network e.g. Internet, intranet, has exposure analysis processor 
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of unused address, non-shareable and shareable address 
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Abstract (Basic) : WO 200041059 Al 

NOVELTY - Several devices are connected to a data network, each 
of which correspond to a unique address in a range of Internet protocol 
(IP) addresses. An exposure analysis processor determines a 
classification of each of unique addresses into groups consisting of 
unused addresses, non-shareable addresses and shareable device 
addresses . 

DETAILED DESCRIPTION - An address database connected to exposure 
analysis processor, stores the classification determined by exposure 
analysis processor, for each unique address in the range of IP 
addresses. A vulnerability scanner selectively scans only the addresses 
classified as shareable device addresses by exposure analysis 
processor. An INDEPENDENT CLAIM is also included for scanning method 
for checking vulnerability of devices in data network. 

USE - In Internet, intranet for transporting information via 
computers, display terminals, routers, printers, hubs. 

ADVANTAGE - Since the scanner scans the devices connected to 
network only for those provided services rather than for all possible 
services, time and cost in scanning for vulnerable devices are reduced. 

DESCRIPTION OF DRAWING (S) - The figure shows a flow chart 
describing a process for selecting and profiling network addresses as 
candidates for in-depth vulnerability testing. 
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Abstract (Basic) : WO 200038036 A2 

NOVELTY - The penetration test system has scan modules (16) to 
scan network to learn the unwanted accessing elimination capability of 
the computer. The scan results are stored in the memory. A controller 
retrieves information from the memory and instructs one scan module to 
perform scan of the computer and to produce an output, and for 
producing an input to another scan module based on the output. 

DETAILED DESCRIPTION - INDEPENDENT CLAIMS are also included for the 
following : 

(a) method for performing penetration test on a computer network; 

(b) signal for performing penetration test 

USE - For penetrating computer or a computer network to discover 
vulnerabilities . 

ADVANTAGE - The use of multiple scan modules allows a complete 
scan to run more quickly by performing many scanning operations in 
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parallel. The multilevel approach of scanning is more than simply a 
parallel processing scheme since it can establish both hierarchies and 
priorities among the techniques to be run, and it can decide which 
information to share, thereby improving penetration efficiency and 
effectiveness . 

DESCRIPTION OF DRAWING (S) - The figure shows the general over view 
of penetration test system. 
Module (16) 
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Remote audi table secure network installation system in financial 
institution, has nodes each of which automatically communicates with 
other node, based on stored information 
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Abstract (Basic): WO 200029962 Al 

NOVELTY - Installation server (630) does installation of software 
application on remote computer to form node. A generator (620) 
generates several software modules including agent modules which 
are executed by computer, to communicate with server (630). Each node 
automatically establishes communication with other node, based on 
information stored in template (610). A monitor node (670) monitors 
security of network. 

DETAILED DESCRIPTION - An INDEPENDENT CLAIM is also included for 
remote audit able secure network installation method. 

USE - For financial institution, for protecting copyrights for 
security of distributed software over network through Internet. 

ADVANTAGE - Prevents unauthorized copying of electronically stored 
and transmitted data by pirates and trusted insiders. The monitoring 
capability is used to ensure security maintenance. A set of agent 
library function is included with application to facilitate 
communication of each node with the rest of network. When system is 
installed, the keys are changed or strobe every few seconds, thus 
substantially diminishes the time during which private keys remain 
valid and substantially reduces risk of private keys being stolen and 
used by pirates. Enables to detect theft during relatively brief period 
when private key is in effect. 

DESCRIPTION OF DRAWING (S) - The figure shows the block diagram of 
system for generating and installing a private secure audible network. 

Template (610) 

Generator (620) 

Installation server (630) 

Monitor node (670) 
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Security device for multi - level network system has two port RAM 
consisting two bus interfaces which are respectively connected to host 
bus and local bus 
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Abstract (Basic) : WO 200010278 A2 

NOVELTY - A network interface connects the local bus of security 
device to network such as local area, Ethernet or ring network. A two 
port RAM has two bus interfaces, which are respectively connected to 
host bus and local bus such that the host computer and the client 
computer are connected. 

DETAILED DESCRIPTION - An authentication interface is provided to 
authenticate the user. A CPU is provided for implementing firmware and 
a cipher unit is connected to the local bus. An INDEPENDENT CLAIM is 
also included for data transmission and receiving control method. 

USE - For multi - level network system . 

ADVANTAGE - Prevents unauthorized access from host computer, since 
two-port RAM connects host bus and local bus using its two interface, 
thus security is improved. Reduces problems associated with traditional 
I and A device, intrusion detectors, firewalls and VPNs and previous 
MLS networks. 

DESCRIPTION OF DRAWING (S) - The figure shows model diagram of 
secure network having security device, 
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Abstract (Basic) : WO 200005650 Al 

NOVELTY - The information network system has discovery units (12) 
that passively or actively monitor a network, e.g. a LAN (14). The 
units build a map of the network and the usage patterns on it and store 
these in a database (16). This data is extracted by a parsing tool (18) 
that adapts it for input to analytical engines (20).. These detect 
patterns in the overall network and provide alerts and displays (22,24) 
to the operator. Additional discovery or analytical modules can be 
added as they become available. 

USE - Analysis and monitoring of networks 

ADVANTAGE - Provides a modular system of collecting and analyzing 
data to detect performance and security issues. 

DESCRIPTION OF DRAWING (S) - Network monitoring 

Monitoring modules (12) 

Database of network and usage (16) 

Converter for later engines (18) 

Analysis of data (20) 

Presentation (22, 24 ) 
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Abstract (Basic) : WO 200005651 Al 

NOVELTY - The information network system has discovery units (12) 
that passively or actively monitor a network, e.g. a LAN (14). The 
units build a map of the network and the usage patterns on it and store 
these in a database (16) . This data is extracted by a parsing tool (18) 
that adapts it for input to analytical engines (20) . These detect 
patterns in the overall network and provide alerts and displays (22,24) 
to the operator. Additional discovery or analytical modules can be 
added as they become available. 

USE - Analysis and monitoring of networks 

ADVANTAGE - Provides a modular system of collecting and analyzing 
data to detect performance and security issues. 

DESCRIPTION OF DRAWING (S) - Network monitoring 

Monitoring modules (12) 

Database of network and usage (16) 

Converter for later engines (18) 

Analysis of data (20) 

Presentation (22, 24 ) 
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Abstract (Basic) : WO 9966383 A2 

NOVELTY - Security module of the system under direction from 
processor (12) accesses and analyzes selected portions of the computer 
comprising unix server (10) to identify vulnerabilities. Utility module 
under direction from processor performs various utility functions with 
regard to computer, in response to identified vulnerabilities. 

DETAILED DESCRIPTION - Security information for performing analysis 
of computer is stored in security system memory (30) . The security 
system is connected to the computer comprising unix server (10) via 
(18). The reporting module of the system provides status 
information to GUI with regard to operations of the system . The 
security module includes at least one of configuration mode which 
performs initial analysis of the computer system acquire configuration 
information, directory checking module analyzing directories and files 
in system memory (13) to determine if security initial files have been 
tampered, user manager module, integrity checking module, network 
checking module and a password checking module. The utility module is 
chosen from user manager module, file removal module, file marking 
module, and scheduling module. An INDEPENDENT CLAIM is also included 
for method of providing a security assessment for computer system. 

USE - For business use computer. 

ADVANTAGE - Enables manually marking certain critical files and 
analyzing the marked files to detect tampering when directory check 
module is activated. Enables scheduling automated performance of 
functions and providing reports to the system user in a number of 
different formats . 

DESCRIPTION OF DRAWING (S) - The figure shows block diagram of 
security system. 

Unix server (10) 

Processor (12) 

System memory (13) 

Via (18) 

Security system memory (30) 
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Abstract (Basic) : EP 965917 Al 

NOVELTY - The computer system allows modules to be transferred 
to other computers, e.g. via Java(TM) modules and interact with 
services on that computer. The client code uses established systems to 
obtain permission to access services and is provided with a permit 
object to reflect this. The client invokes methods on this object (502) 
and the system checks the validity (504). If valid the controlled 
object is invoked. Both permit and controlled objects are in protected 
memory spaces . 

DETAILED DESCRIPTION - INDEPENDENT CLAIMS are included for: 

(1) a computer readable medium containing program instructions; and 

(2) an apparatus for controlling access to services in a protected 
memory system. 

USE - Access control for use of computer services 
ADVANTAGE - Does not require extra hardware to control access to 
services 

DESCRIPTION OF DRAWING (S) - Access control 

Client code invokes permit object to access restricted services 
(502) 

System validates call (504) 

Controlled object invoked if call valid (506-508) 
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Abstract (Basic) : GB 2337840 A 

NOVELTY - A communication hub (10) comprises several devices 
(20) connected to ports (12) by cables (16), with detection switches 
(22) allowing the monitoring (14) of the devices. A management device 
(20a) indicates which device is to be monitored and an alarm (27) 
associated with a control device (26), is arranged to give an 
indication if it is determined that a network device which is currently 
subject to monitoring is removed. 

DETAILED DESCRIPTION - INDEPENDENT CLAIMS are also included for the 
following : 

(1) a computer monitoring system and 

(2) a computer network device. 

USE - For the security of network devices within a computer network 
i.e. prevents unauthorized removal of network devices. 

ADVANTAGE - Network devices are able to be 'locked 1 onto the 
network with an alarm raised if the device is removed even when the 
device is switched off, as the monitoring of the device's presence is 
performed by the network. The device may be 'unlocked 1 from the 
network, in which condition no alarm is raised even if the device is 
removed. Control of whether a particular network device is subject to 
the alarm system is therefore in the hands of the user of the device, 
and is particularly useful for items such as laptop computers which may 
quite legitimately be regularly connected/disconnected from the 
network. No additional circuitry is required, as the alarm utilizes the 
data cables which removes any need for specific cable installation. 

DESCRIPTION OF DRAWING (S) - The drawing shows a schematic 
illustration of the network. 

Communication hub (10) 

Ports (12) 
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Network devices (20) 

Management device (20a) 
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Control device (26) 
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Abstract (Basic) : WO 9946692 A2 

NOVELTY - A graphical user interface that allows a client to 
request, via a computer, information about the client's network from 
any of the dedicated service machines, is presented. Requested 
information is retrieved from an appropriate dedicated service machine. 
Requested information is shown to the client via the graphical user 
interface . 

USE - For providing network administration services executed by 
dedicated service machines executing special purpose programs in 
computer network maintained by service provider, to remote client 
computer. 

ADVANTAGE - Allows client to access information immediately via the 
computer without submitting requests to human operators and await human 
action for responses to the requests. Eliminates need for client to 


purchase or understand hardware and software components used to provide 
the network management service. Network owner can outsource all 
network management responsibilities without forfeiting quick and easy 
access to information about network, and can receive quick and 
easy-to-understand reports on service provider's performance. / 

DESCRIPTION OF DRAWING (S) - The figure shows a schematic diagram of 
the computer network that provides network services to a remote client 
computer . 
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Abstract (Basic): WO 9826541 A 

The method for distributed collecting of network statistics 
involves gathering network statistics at a number of nodes in the 
network. Data containing the statistics is transmitted to a collector. 


The statistics from the nodes are combined to form group network 
statistics. Network performance data is reported based on the compiled 
statistics from the data collector to a network manager. 

Values are set at the collector to configure the collecting of the 
network statistics. The configuration data is forwarded by the 
collector to the nodes to configure the data gathering at the nodes. An 
agent is launched in the nodes participating in the distributed 
collecting, and an agent is an executable module for gathering 
statistics and communicating with the collector. 

USE - E.g. for communications systems for CATV, ATM data transfer 
and advanced telephony. Is particularly suited to LAN environment with 
end systems running under Windows-compatible network operating system. 

ADVANTAGE - Is usable with variety of standard network management 
protocols such as simple network management protocol (SNMP), remote 
monitoring systems RMON and RM0N2 . 
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NOVELTY - A security subsystem (50) associated with the computer 
has a collection engine (502) which collects the event messages from 
the target network, and stores in an event log (512) . A log analyzer 
(504) analyzes the event messages and when any of the event is 
determined to be a security threat or a high priority event, it is 
uploaded to a security master system (60) through a secure link. 

DETAILED DESCRIPTION - INDEPENDENT CLAIMS are included for the 
following: 

(1) network security system; 

(2) method for monitoring the integrity of computer; and 


(3) method for monitoring the integrity of target computer network. 
USE - Computer security system. 

ADVANTAGE - Provides security for the resources that interact with 
customers, employees and partners over the internet. 

DESCRIPTION OF DRAWING (S) - The figure shows a flowchart explaining 
the steps of verifying the integrity of computer networks. 

security subsystem (50) 

security master system (60) 

collection engine (502) 

log analyzer (504) 

event log (512) 
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Abstract (Basic) : US 20020099958 Al 

NOVELTY - A security subsystem linked to each of computers in a 
target network (100) by a secure link (52), detects attack on the 
computer. A secure link (54) is provided between the security subsystem 
and a master system (60) connected to a remote network (110) . The 
master system registers information pertaining to attacks detected by 
the security subsystem. 


DETAILED DESCRIPTION - An INDEPENDENT CLAIM is included for a 
method for monitoring integrity of security subsystem associated with a 
target network. 

USE - Computer network security system. 

ADVANTAGE - By providing a secure link which ensures that 
communication between the two networks cannot be intercepted by an 
intruder, even if completely subverted during an attack on target 
network, the security subsystem will still be able to carry out its 
function. Enables to detect easily signs of intruder activity on a 
network and hence resist intrusion during an attack on the network. 

DESCRIPTION OF DRAWING (S) - The figure shows the block diagram of a 
network incorporating a security system. 

Secure ; links (52, 54 ) 

Master system (60) 

Target network (100) 

Remote network (110) 
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English Abstract 

A method and apparatus for verifying the integrity of devices on a target 
network (100) having two components: a subsystem (50) connected to the 
target network (100), and a master system (60), isolated therefrom by a 
secure lin (52) . The topological and hierarchical relationship of the 
devices to each other improves stability of the apparatus. Random testing 
of the subsystem (50) by the master system (60) provide verification and 
independent self-checking. 

French Abstract 

La presente invention concerne un procede et un appareil de verification 
de l f integrite de dispositifs sur un reseau cible (100) possedant deux 
composants : un sous-systeme (50) connecte au reseau cible (100) et un 
systeme principal (60), isole par une liaison sure (52). La relation 
topologique et hierarchique desdits dispositifs les uns par rapport aux 
autres ameliore la stabilite de 1' appareil. Le test aleatoire du 
sous-systeme (50) par le systeme principal (60) permet la verification et 
1 1 auto-controle independant . 
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September 23, 1998 VOL: 2 ISSUE: 19 DOCUMENT TYPE: NEWSLETTER 
PUBLISHER: PHILLIPS BUSINESS INFORMATION 

LANGUAGE: ENGLISH WORD COUNT: 7 95 RECORD TYPE: FULLTEXT 

(c) PHILLIPS PUBLISHING INTERNATIONAL All Rts. Reserv. 

TEXT: 

...Secure Managed Firewall, a network 

security service designed to compliment NetSolve' s existing ProWatch 
Secure Intrusion Detection and Response service. The combination of 
the two services is part of its strategy to... 

...Turner continues. "A year ago analysts were advising companies that 
security was too strategic to outsource to someone else. Now, 
[business consultants] like the Gartner Group are saying if it is not 
strategic to a business and not a core competency, then you should 
outsource it . " 

...Inside The ProWatch Secure Managed Firewall 

The ProWatch Secure Managed Firewall is designed for. . . 

. . .Cisco PIX, and begins 7 

days-a-week, 24 hours-a-day monitoring from a network operation center 

located in Austin, Texas. From information provided by the firewall, 
NetSolve technicians give real-time... 

...systems can be used on a client PC to access and configure the 
firewall . 

. . . Keeping Track Of Track Intruders 

NetSolve 's intrusion detection service, ProWatch Secure 

Intrusion Detection and Response, was launched about two years ago, 
Turner says. "We realized we didn 1 t ... NetSolve uses NetRanger security 
software from The WheelGroup, a 

subsidiary of Cisco Systems, for its intrusion detection service. 
NetRanger runs on the UNIX operating system. 

"The intrusion detection service looks at the packets in a 
network to determine [what] it is and where... 

...the network the v 
attack is originating from. With the combination of the managed \ 
firewall plus intrusion detection , you get a good level of security, " 
Turner says. 

"This is an outstanding product for... 

. . .NetSolve has tried to move beyond the basic firewall by 

offering both a firewall and intrusion detection service," Kovar adds., 
"GTE Internetworking [GTE] is one of the only other players in the... / 
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TEXT: 

...for the price of one. 

The complete suite of services from NetSolve also includes an 

intrusion detection solution/response service. The managed firewall 
service, which allows only authorized users to enter a network, is 
based on Cisco's [CSCO] PIX firewall. The intrusion detection and 
response service is based on Cisco's Netranger, allowing NetSolve to 
monitor the content... 

...295/month per firewall for the first line, and $895 for each 
additional one. The intrusion detection and response system alone is 
$l,495/month for three years, or $700 if deployed... 
. . . FON] 

customer would pay for just a managed firewall package. 
"The reason why firewall and intrusion detection and response 
services are priced differently is because some companies already have 
staff trained to... 

...either maintain 

their own personnel to run firewalls and constantly monitor the data 
flow, or outsource . 

This, Turner says, is where ISPs come in - as companies that can 
private-label NetSolve... 

...its network will be 

watched 24/7 by personnel of NetSolve 1 s Austin, Texas-based NOC . 
(Michael Turner, NetSolve, 512/340-3061) 
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Locking the doors 

Savage, Marcia 

Computer Reseller News n913 PP: 72-75 Sep 25, 2000 
ISSN: 0893-8377 JRNL CODE: CRN 
WORD COUNT: 188 9 

...TEXT: high-caliber employees watch monitors all day, and are finding it 
makes more sense to outsource that management. For those clients, the 
Salinas Group provides managed network security through 

ManagedFirewall.com, which offers realtime intrusion detection and 24x7 
monitoring from its network operations center . 


Salinas is not alone. Other solution providers that specialize in 
information security now include managed. . . 
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Companies Exhibit the High Tech, Crime-Fighting Tools For 'Fraud in a Brave 
New World 1 in Orlando Sept. 30 - Oct. 2, 1997 

DATE: September 4, 1997 09:50 E.T. WORD COUNT: 2,842 

...Fraud Exhibitor Locator. Contact: Heidi Fincken ad 202-785-0081. 

WheelGroup Corp. presents NetRanger (TM) intrusion detection system, 
using the next generation of computer security technology for intrusion 
detection and response, while promoting an open systems environment. 
When the content or context of network. . . 

... Nortel Passport switches, or StorageTek BorderGuard devices. Real-time 
monitoring of the system can be outsourced to a third party or conducted 
within an organization's own network operations center using HP 

OpenView or IBM NetView network management systems. Contact: Doug Webster 
at 210-494 . . . 
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Eurosigncard And Cyber Security, Inc. Agree to Secure And Protect 
Information Technology in The European Union 
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...services to Fortune (TM) 1000 clients. Its Managed Security Service 
(MSS) product is a completely outsourced suite of perimeter security 
services 

including Virtual Private Networking, Intrusion Detection Systems, 
Anti-Virus, 

Firewall, and Vulnerability Assessment . Founded in 2000, Cyber 
Security 

operates a full-time Security Operations Center ( SOC ) to monitor 
its 

customer's networks. 

SOURCE Cyber Security, Inc. 

CONTACT: Stephen Quinn, Vice President... 
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...security services through partners and service 
providers is key to our leadership." 

The ability to outsource and engage with a trusted managed security 
services provider helps companies save time and reduces costs in hiring 
scarce 

security resources to monitor business critical networks 24 hours a 
day, 

365 days a year. Since 1994, ISS has been offering remote security 
management 

through its Security Operations Centers (SOCs), assuring companies 
that their 

networks are being pro-actively monitored and responses initiated by. . . 
. . .the X-Force(TM) , an innovative 

research and development team that is constantly working to detect and 
fix 

global security breaches . 

"The reality is that few companies realize how vulnerable they are to 
attack, and. . . 
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. . .to focus on their core 

business while trusting their security to experts who conduct 24x7 
security 

monitoring and management of their networks from technically advanced 
Security 

Operations Centers (SOCs) . ISS managed security services ensure 
customers 1 

peace of mind with the ability to outsource the management of their 

information security ensuring around-the-clock, remote information 

protection 

by security. . . 
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...working with systems security since 1984. 

The WatchGuard LiveSecurity Family of Solutions 

The WatchGuard LiveSecurity System delivers the components designed 

to 

protect companies conducting e-business, including: The WatchGuard 
LiveSecurity Broadcast Service, WatchGuard PolicyManager. . . 

...LiveSecurity System can subscribe through PSINet, 

GTE Internetworking, Verio, FASTNET and Interpath. The benefits of 

outsourcing security to a service provider include installation, policy 
configuration, 24x7 security monitoring by the service provider and 
automatic 

distribution of the WatchGuard LiveSecurity updates. 
Pricing and Availability. . . 


26/3, K/24 (Item 1 from file: 610) 

DIALOG (R) File 610: Business Wire 

(c) 2003 Business Wire. All rts. reserv. 

00321355 20000717199B3109 (USE FORMAT 7 FOR FULLTEXT) 

DefendNet Solutions Expands Managed Security Offerings with Check Point 
Software's SiteManager-1 and Provider-1 

Business Wire 

Monday, July 17, 2000 09:03 EDT 

JOURNAL CODE: BW LANGUAGE: ENGLISH RECORD TYPE: FULLTEXT 
DOCUMENT TYPE: NEWSWIRE 
WORD COUNT: 525 

. . .premier Internet security provider, " 

said Vincent Giordano, president and CEO of DefendNet Solutions. "By 
incorporating Check Point's security technologies into our offerings, 
we will 

be able to provide the enhanced services ISPs need. . . 
. . . growing demand 

for comprehensive, high-end Internet security solutions for a full range of 
enterprises . " 

" Outsourcing Internet security is becoming an increasingly attractive 
option 

for many of today's e-businesses... 
...Virtual Network 

(SVN) architecture, SiteManager-1 combines a comprehensive, centralized 
management system at the provider network operations center with 
integrated 

VPN/security capabilities on the customer premises. Provider-1 is Check 
Point's. . . 
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. . . Service Level 

Agreements. It enables unmatched implementation speed, guaranteed 
availability 

and reliability, unparalleled protection with multi -level security , and 

systems monitored and operated by a highly experienced hosting team. 
Built 

using a multi-level secure architecture... 
. . . Based on 

eGain f s vast experience from hosting as well as feedback from their own 
outsourcing partners, the eGain Commerce 2000 platform easily enables 
remote 

web administration, monitoring and tuning, and. . . 
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...also enables customers 

to query and analyze their own data. Customers can either have RIPTech 

analysts manage security recommendations or have in-house IT staff take 
appropriate action. 

RIPTech can either install eSentry. . . 
. . . customer 

site or integrate existing customer security products into the eSentry 
solution. eSentry includes comprehensive outsourced management of 
supported 

security devices, including configuration and rule changes, as well as 

system 

and. . . 
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...with a comprehensive security 

infrastructure that gives them an added layer of protection against cyber 
attacks . 

Check Point Software's Cyber Attack Defense System, announced on February 
14, 

includes several new modules and technologies, including the OPSEC 
Intrusion 

Response Protocol. This new protocol automatically alerts third-party... 
...said Asheem Chandna, vice president of business 

development and product management, Check Point Software Technologies. " 
Check 

Point f s Cyber Attack Defense System , integrated with leading OPSEC 
products, 

provides eBusinesses with the framework required to prevent cyber attacks." 
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...enable customers to put their security in the hands 

of trusted experts who conduct 24x7 security monitoring and management 
of their networks from a technically advanced Network Operations 
Center 

( NOC ) . ISS is the only company to offer both an industry-leading 
SAFEsuite (R) security management platform and Managed Security 
Services. Together, these solutions deliver the software and outsource 
options customers require for comprehensive information protection 
across systems, databases, networks, services, and critical business... 
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The MRT Observer/Eye cameras will be a component of the CMC's new 
remote monitoring security system. The cameras will be integrated as 
one of many components of their new system . 

The CMC's mission is to assist political and technical experts from 
around the world. . . 
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... ID Intrusion Detection ISCG Information Solutions Consulting Group 

MSS Managed Security Services, Cyber Security's outsourced network 
security product. PKI Public Key Infrastructure SOC Security 
Operations Center , a 24x7x365 network monitoring and response facility. 
VPN Virtual Private Network, a network connection that... 
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technology to scale both packet forwarding and flows per second. 
Cisco is also integrating an Intrusion Detection System { IDS ) module 
into the Catalyst 6000 family for secure access to applications and 
corporate information. Along with. . . 

... of service attack is detected. It also offers scalable traffic 
monitoring by load balancing across multiple modules and supports a 
full suite of over 300 attack signatures. 

Pricing, Availability and Further Information 
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... a third-party secure-hosting service. Anti-virus, firewall and 

intrusion detection software has been integrated into the system . 

Application-level security was similar to that of the physical world, 
said Mr Yeung. The. . . 
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24x7 security monitoring and management of their networks from a 
technically advanced Network Operations Centre ( NOC ) . ISS is the only 
company to offer both an industry-leading security management platform and 
Managed Security Services. Together, these solutions deliver the software 
and outsource options customers require for comprehensive information 
protection across systems, databases, networks, services, and critical 
business . . . 
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the computer or files that, if tampered with, can be used for^ 
penetration purposes. 

Assess — Several modules perform a thorough security 

assessment on the host system. These include Directory Check, Integrity 
Check. . . 
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Hands -off Management 

Management service providers let you offload operational tasks yet retain 
control of your network, but be careful about which MSP you choose. 

Byline: By Elisabeth Horwitt 

Journal: Network World Page Number: 58 

Publication Date: October 09, 2000 
Word Count: 1950 Line Count: 179 

Text : 

...of systems engineering at Homestead.com, has good reason to be leery of 
systems management outsourcing . His Web-hosting company tried such an 
arrangement with its ISPs, and suffered serious service... 

... provide 24-7 support for its primary Web site. Alerts go first to 
SiteRock f s network operations center , where technicians handle 

low-level problems and escalate everything else to Homestead, corn's staff 

... is one of a growing number of businesses that find the MSP model 
attractive. Unlike outsourcing companies that take full responsibility 
for systems management, MSPs essentially let customers have it their... 

...says John McConnell, president of McConnell Associates in Boulder, Colo. 
"It ! s the advantage of outsourcing without the risks of surrendering 
everything." MSPs basically appeared out of nowhere early this year... 

... an in-house IT manager. Then there are the MSP setups that border on 
full outsourcing . For example, SiteLite not only handles network 
monitoring, but also proactive maintenance and administration, says... MSP 
(see "shopping advice, " page 59) . Furthermore, early adopters say an MSP 
relationship, like any outsourcing arrangement, needs considerable 
up-front planning and established policies and procedures in order to work 


. . . vulnerable because the Web is the lifeline that links customer systems 
to the MSP's network operations center . "We can't guarantee that 

someone won't put a backhoe through the wire," TriActive... 

. . . management and data storage while sending key data over the Web to the 
MSP's network operations center . If the link goes down, the server 

provides a management database, alerting, discovery, reporting, security 
scanning and performance monitoring at the site for up to seven days, 
Igoe says. That's fine if the... 
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Cisco boosts core LAN switch features 

Catalyst 6000 gets 25 6G bit/sec switch fabric, management and Gigabit 
Ethernet modules. 

Byline: JIM DUFFY 
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Publication Date: September 25, 2000 
Word Count: 621 Line Count: 62 

Text: 

... CEF) technology to improve packet and flow performance. Cisco is also 
integrating a so-called Intrusion Detection System ( IDS ) module 
into the Catalyst 6000 family for secure access to applications and 
corporate information. The services... 

. . . TCP session termination and access control list configuration in the 
event a denial-of-service attack is detected . It also provides scalable 
traffic monitoring by load balancing across multiple modules , Cisco 
says. The switching fabric module costs $7,495, the Supervisor 2 module 
$34, 995. . . 
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10 companies to watch 

From CLECs to application -aware switch vendors , these start-ups warrant 
your attention. 

Byline: BETH SCHULTZ 

Journal: Network World Page Number: 95 

Publication Date: April 24, 2000 

Word Count: 2201 Line Count: 210 

Text : 

. . . new start-up in February. As is the fashion these days, Loudcloud has 
entered the outsourcing realm. It does so with Web site automation 
technology called Opsware and a services package s really all that needs to 
be said about why we've included an intrusion - detection company on our 
watch list. But we can say plenty more about why Network ICE... 

. . . detects uninvited visitors, it reports the intrusion to the ICEcap 
management module. In turn, ICEcap analyzes the intrusion information 
from the agents and uses it to spot widescale attacks on a network. Intel 

. . . afoot in the systems management industry: Fledgling and established 
vendors alike are heavily pushing automated, integrated management 
systems for networks, systems and applications. Start-up RiverSoft is in 
the thick of it. In... 

... management applications . SilverBack gives customers a homegrown, 
Linux-based device that runs off-the-shelf monitoring , reporting and 
security tools and customized application software. The box sits on a 
critical path, say off the ... SilverBack unveiled InfoCare in late February. 
It offers network alerts, asset inventory, network infrastructure 
performance monitoring and security scanning applications. Later 
iterations will add intrusion detection , root cause analysis , 

application monitoring and network virus scanning. Top Layer NetworksOnce 
known as BlazeNet and focused on... > 
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BorderWare: Response to firewall RFP 

Journal: Network World 

Publication Date: July 19, 1999 

Word Count: 1516 Line Count: 150 

Text: 

. . . standby system. The configuration of this backup system should be kept 
in step with the primary system . This can be done locally by following 
a very simple procedure on the Firewall console... purchased at an 
additional cost. Alarms and Log AnalysisThe BorderWare Firewall Server 
includes facilities to monitor attempted attacks and to raise alarms in 
real-time. No additional components are needed. The BorderWare Firewall 
Server produces extensive logs, a third party log analysis tool... 
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Tivoli seeks interoperability for mgmt. tools 

Byline: JEFF CARUSO 
Journal: Network World 
Publication Date: May 24, 1999 
Word Count: 783 Line Count: 73 

Text: 

... to happen" because all the policy servers that have been announced are 
aimed at the network operations center , Cole says . The people in the 

network operations center are not the people who should make 

decisions about which applications and departments get top. . . 

... to set policies through Tivoli software and pass them on to various 
policy servers in network operations centers . "We will allow you to 
gain control over what is going to be chaos in... 

. . . also be getting a new interface that can launch Web-based management 
interfaces embedded in many network devices today. This feature appeals 
to Bengt-Olof Bloom, a network engineer with the Swedish bank. . . 
. . . has a separate management system for ATM and that he would like to see 
that system integrated with NetView.On the systems management side, 

Tivoli is preparing Tivoli Manager on OS/390... 

. . . framework to the OS/390 platform so that network managers can run 
software distribution, inventory, security and systems monitoring from 
there. The Manager software will collect information about applications on 
the mainframe to determine... 
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Response to RFP: Radguard 
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... Powell to purchase a managed service with one of Radguard f s partners, 
whereby installation, management, security monitoring , etc. will be 

outsourced . This will entail a different pricing structure, to be 
determined with the said partner .Network. . . 

. . . least remote access, it might choose to use the connection for other 
purposes. The cIPro- System ' s components can provide firewall 
functionality to allow Powell to use this connection securely . Redundancy . 
The cIPro. . . 
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VPN RFP - Radguard 
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Text : 

... Powell to purchase a managed service with one of Radguard 1 s partners, 
whereby installation, management, security monitoring , etc. will be 

outsourced . This will entail a different pricing structure, to be 
determined with the said partner.- Network... 

. . . least remote access, it might choose to use the connection for other 
purposes. The cIPro- System 's components can provide firewall 
functionality to allow Powell to use this connection securely.- Redundancy. 
The cIPro. . . 
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Executive Briefing 
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Text : 

... volume requirements, analysts said. It's probably too late for massive 
upgrades, but analysts recommend checking into subsystems and security 
, load balancing and outsourcing . Page 4 

pPurchasing and finance managers find tremendous payback in online 
buying systems, but getting. . . 
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Inside Lines 
Inside Lines 
Inside Lines 

Byline: Inside Lines 

Journal: Computerworld Page Number: 94 

Publication Date: August 05, 1996 
Word Count: 533 Line Count: 50 

Text: 

. . . add Internet security to the wide-area network and systems management 
services provided by its network operations center in Austin, Texas. 
Organizations can then outsource such tasks as security assessment , 
firewall setup and monitoring of an intrusion detection and response 
system. 

A fight may be brewing 

In an about-face, SAP AG which. . . 
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RMON holds service promise 

Byline: Joanie Wexler 

Journal: Network World Page Number: 24 

Publication Date: November 20, 1995 
Word Count: 334 Line Count: 32 

Text: 

Innovative developments with Remote Monitoring (RMON) technology will be a 
boon to outsourced monitoring services once a few problems get solved. 
RMON is the network management standard for... 

...Shipping volumes of monitoring data across a customer's net to the third 
party's network operations center can clog the user's network, 

pointed out John McConnell, president of McConnell Consulting, Inc. . . 

. . . flag for users is that they must be able to retain some control over 
network security . RMON probes could be used to pick up user passwords, 
McConnell pointed out. To ease users' minds... 
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51 2127105 INTRUS????? ? OR INTRUD???? ? OR ATTACK???? ? OR PSEUDOATT- 

ACK? OR VULNERAB? OR HACK???? ? OR CRACK???? ? OR MALICIOUS OR 
UNAUTHORIZ? OR UNAUTHORIS? OR INFILTRAT? OR THREAT? 

52 1993511 SECURITY 

53 36458 IDS 

54 554062 PENETRAT? OR BREACH? 
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?? ? ) 
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521 86643 (MANY OR SEVERAL OR PLURALITY OR NUMEROUS OR MULTIPLE OR M- 
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VARIOUS OR VARIETY) (1W) (COMPONENT? OR MODULE?) 


522 512 

523 63 

524 16 

525 47 
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06329304 Supplier Number: 54597528 (USE FORMAT 7 FOR FULLTEXT) 
WatchGuard Showcases LiveSecurity Broadcast Service at N+I . 

PR Newswire, p7012 
May 11, 1999 

Language: English Record Type: Fulltext 
Document Type: Newswire; Trade 
Word Count: 618 

... working with systems security since 1984. 

The WatchGuard LiveSecurity Family of Solutions 
The WatchGuard LiveSecurity System delivers the components 
designed to protect companies conducting e-business, including: The 
WatchGuard LiveSecurity Broadcast Service, WatchGuard PolicyManager. . . 

...LiveSecurity System can subscribe. through PSINet , GTE Internetworking, 
Verio, FASTNET and Interpath. The benefits of outsourcing security to a 
service provider include installation, policy configuration, 24x7 security 

monitoring by the service provider and automatic distribution of the 
WatchGuard LiveSecurity updates. 

Pricing and Availability. . . 
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REPEATING/ DMW Introduces HostCHECK for UNIX Advanced Security Tool Set. 

Business Wire, p04280228 
April 28, 1998 

Language: English Record Type: Fulltext 
Document Type: Newswire; Trade 
Word Count: 97 8 

. . . security configuration of the computer or files that, if tampered 

with, can be used for penetration purposes. 

o Assess - Several modules perform a thorough security 
assessment on the host system. These include Directory Check, Integrity 
Check. . . 
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Greater integration key to active firewalls. (Feature Report: Security) 

Malezis, Gus 

Computer Dealer News, 15, 5, 26(1) 
Feb 15, 1999 

ISSN: 1184-2369 LANGUAGE: English RECORD TYPE: Fulltext 

WORD COUNT: 658 LINE COUNT: 00061 

and systems - as well as specific areas within the intranet such as 
finance. The resulting multi - layered security system is comprised of 
several security devices , including multiple firewalls, VPNs, Intrusion 

Detection Systems ( IDS ) and Authorization and Authentication systems, 
as well as virus protection and data encryption software. 
The . . . 
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02992159 Supplier Number: 46103588 (USE FORMAT 7 FOR FULLTEXT) 
IBM: IBM announces SecureWay line of Internet security products and 
services 

M2 Presswire, pN/A 
Jan 30, 1996 

Language: English Record Type: Fulltext 
Document Type: Newswire; Trade 
Word Count: 4 89 

software 

* distributed security management 

* directory and security services for LAN servers. 

Security features are also integrated into IBM operating systems , 
network and database programs and Lotus Notes which has embedded public key 
cryptography, offerings for... 

...T Security consulting practice Emergency Response Service; ethical 
hacking, backed by IBM Research's Global Security Analysis Lab; 
anti-virus; security implementation and outsourcing services; and 
turnkey firewall installation services. 

"IBM has had a long history in developing security... 
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51 1556278 INTRUS????? ? OR INTRUD???? ? OR ATTACK???? ? OR PSEUDOATT- 

ACK? OR VULNERAB? OR HACK???? ? OR CRACK???? ? OR MALICIOUS OR 
UNAUTHORIZ? OR UNAUTHORIS? OR INFILTRAT? OR THREAT? 

52 418778 SECURITY (January 1993) 

53 6949 IDS 

54 318838 PENETRAT? OR BREACH? 
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CK? OR MULTIBRANCH?) 

514 2101 S10(3N) (MANY OR SEVERAL OR PLURALITY OR NUMEROUS OR MULTIP- 



LE OR MULTIPLICIT? OR MULTITUD? OR ADDITIONAL) (1W) (LAYER? OR 
LEVEL? OR TIER? OR STACK? OR BRANCH?) 

515 42655 FIREWALL? OR FIRE () WALL? ? OR ROUTER? ? OR S3 

516 112 MULTIDEVICE? 

517 20760 (MANY OR SEVERAL OR PLURALITY OR NUMEROUS OR MULTIPLE OR M 

ULTIPLICIT? OR MULTITUD? OR ADDITIONAL OR MULTI OR NUMBER OR 
VARIOUS OR VARIETY) (1W) DEVICE? 


S18 

24923 

OUTSOURC? OR OUT()SOURC??? ? 

S19 

63 

S5:S7 AND S8:S9 

S20 

1955 

S5:S7 AND S11:S14 

S21 

63 

S19:S20 AND S15:S18 

S22 

25 

S21/2001:2003 

S23 

38 

S21 NOT S22 

S24 

28 

RD (unique items) 


24/7/2 (Item 2 from file: 2) 

DIALOG (R) File 2 : INSPEC 

(c) 2003 Institution of Electrical Engineers. All rts. reserv. 

6622433 INSPEC Abstract Number: B2000-07-6150M-080, C2000-07-5640-072 

Title: A design of scalable SNMP agent for managing heterogeneous security 
systems 

Author (s) : Lee, D.Y.; Kim, D.S.; Pang, K.H.; Kim, H.S.; Chung, T.M. 

Author Affiliation: Dept. of Elect r. & Comput . Eng., Sungkyunkwan Univ., 
Suwon-City, South Korea 

Conference Title: NOMS 2000. 2000 IEEE/IFIP Network Operations and 
Management Symposium ^The Networked Planet: Management Beyond 2000 1 (Cat. 
NO.00CB37074) p. 983-4 

Editor(s): Hong, J.W.; Weihmayer, R. 

Publisher: IEEE, Piscataway, NJ, USA 

Publication Date: 2000 Country of Publication: USA xxvii+1022 pp. 
ISBN: 0 7803 5928 3 Material Identity Number: XX-1999-034 15 

Conference Title: Proceedings of Network Operations and Management 
Symposium 

Conference Date: 10-14 April 2000 Conference Location: Honolulu, HI, 
USA 

Medium: Alos available on CD-ROM in PDF format 

Language: English Document Type: Conference Paper (PA) 

Treatment: Applications (A) 

Abstract: This paper presents a Web based integrated security 
management system (WISMS) which has been developed to monitor and 
control heterogeneous security systems and the detailed design of 
firewall agents. The agents perform the control requests from the 
security manager, maintain the firewall MIB (management information 
base), and report the monitored status of the firewall . (0 Refs) 

Subfile: B C 

Copyright 2000, IEE 
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6497997 INSPEC Abstract Number: B2000-03-6150M-060, C2000-03-564 0-04 8 

Title: Intrusion detection for link state routing protocol through 

integrated network management 

Author(s): Feiyi Wang; Gong, F.; Wu, F.S.; Narayan, R. 

Author Affiliation: Adv. Networking Res. Group, MCNC, Research Triangle 
Park, NC, USA 

Conference Title: Proceedings Eight International Conference on Computer 
Communications and Networks (Cat. No.99EX370) p. 634-9 
Editor (s) : Dixit, S.; Somani, A.; Park, E. 
Publisher: IEEE, Piscataway, NJ, USA 

Publication Date: 1999 Country of Publication: USA xix+661 pp. 
ISBN: 0 7803 5794 9 Material Identity Number: XX-1999-03070 

U.S. Copyright Clearance Center Code: 0 7803 5794 9/99/$10.00 
Conference Title: Proceedings of IC3N f 99: Eighth International Conference 
on Computer Communications and Networks 

Conference Sponsor: Army Res. Lab.; Nokia; IEEE Commun. Soc 

Conference Date: 11-13 Oct. 1999 Conference Location: Boston, MA, USA 

Language: English Document Type: Conference Paper (PA) 

Treatment: Practical (P); Experimental (X) 

Abstract: The JiNao IDS project focuses on detecting intrusions , ^ 

especially insider attacks against link state routing protocols such as, 
OSPF. One important feature of the JiNao system is its integrated 
network management (INM) capability. Through SNMP and distributed^ 
programming interface (DPI), we can manage and control distributed JiNao 
IDS remotely, " interoperate with other JiNao systems to do correlation 
analysis, and utilize both private MIB and OSPF MIB as a complementary way 
of doing intrusion detection . This paper describes the design and 

implementation of JiNao 1 s INM architecture. Three OSPF insider attacks 
(maxseq, maxage, and seq++) have been developed to evaluate its 
effectiveness and detection capability. (17 Refs) 

Subfile: B C 

Copyright 2000, IEE 
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5544770 INSPEC Abstract Number: B9705-6210C-015 , C9705-6130S-026 
Title: Intrusion detection : a survey 
Author (s): Esmaili, M.; Saf avi-Naini, R. ; Pieprzyk, J. 

Author Affiliation: Center for Comput . Security Res., Wollongong Univ., 
NSW, Australia 

Conference Title: Information Highways for a Smaller World and Better 
Living. Proceedings of ICCC'95. (12th International Conference on Computer 
Communication) p. 4 09-14 

Editor(s): Chung, S.J. 

Publisher: IOS Press, Amsterdam, Netherlands 

Publication Date: 1995 Country of Publication: Netherlands xxxxii+862 
PP • 

Material Identity Number: XX95-01319 

Conference Title: ICCC'95 - International Conference on Computer 
Communications 

Conference Sponsor: ICCC-Int. Council for Comput. Commun.; Minstr. Inf. & 
Commun., Republic of Korea 

Conference Date: 21-24 Aug. 1995 Conference Location: Seoul, South 
Korea 

Language: English Document Type: Conference Paper (PA) 
Treatment: General, Review (G) 

Abstract: Advances in computer and communication technologies have 
resulted in highly integrated distributed systems that allow users to 
access information and resources from all over the globe. This 
interconnectivity adds new dimensions to the long-standing problem of 
providing security in a computer system by introducing many more possible 
attacking points. Rapid increase in the number of reported intrusions, 
break-ins and computer thefts results in an ever-increasing need for 
applying effective computer security measures. The number of recently 
developed, or under-development , systems and tools that can be used for 
detection of abuse of computer systems is growing. We present a comparative 
review of the state-of-the-art intrusion detection systems { IDS ) and 
techniques and underline the strength and limitations of each. We will also 
point out directions for future development and research. (21 Refs) 

Subfile: B C 

Copyright 1997, IEE 
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2202129 NTIS Accession Number: ADA3914 92/XAB 

Mobile Agent Attack Resistant Distributed Hierarchical Intrusion 
Detection Systems 
Mell, P. ; McL.arnon, M. 

National Inst, of Standards and Technology, Gaithersburg, MD. 

Corp. Source Codes: 092732000; 419591 

10 Aug 1999 9p 

Languages: English 

Journal Announcement: USGRDR0121 

Product reproduced from digital image. Order this product from NTIS by: 
phone at 1-800-553-NTIS (U.S. customers); (703)605-6000 (other countries); 
fax at (703)605-6900; and email at orders@ntis.gov. NTIS is located at 5285 
Port Royal Road, Springfield, VA, 22161, USA. 

NTIS Prices: PC A02/MF A01 

Country of Publication: United States 

Distributed intrusion detection systems are especially vulnerable 

to attacks because the components reside at a static location and are 
connected together into a hierarchical structure. An attacker can disable 
such a system by taking out a node high in the hierarchy, thus amputating a 
portion of the distributed system. One solution to this problem is to cast 
the internal nodes in the system hierarchy as mobile agents. These 
mobile agents randomly move around the network such that an attacker can 
not locate their position. If an attacker takes out a mobile agent 
platform, the remaining agents estimate the location of the attacker and 
automatically avoid those networks. Killed agents are resurrected by a 
group of backups that retain all or partial state information. We are 
implementing this technology as an API such that existing intrusion 

detection systems can wrap their components as mobile agents in order to 
gain a type of 'attack resistance'. 
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1680202 NTIS Accession Number: DE92016335 
Wireless data communications 

Christiansen, M. L. ; Harrington, J. J. ; Outwater, M. 
Sandia National Labs., Albuquerque, NM. 
Corp. Source Codes: 068123000; 9511100 
Sponsor: Department of Energy, Washington, DC. 
Report No.: SAND-92-1313C; CONF-9206197-1 
1992 9p 

Languages: English Document Type: Conference proceeding 
Journal Announcement: GRAI9224; ERA9251 

American Defense Preparedness Association (ADPA) government-industry 
symposium on security technology, Williamsburg, VA (United States), 1-4 Jun 
1992. Sponsored by Department of Energy, Washington, DC. 

U.S. Sales Only. Order this product from NTIS by: phone at 1-800-553-NTIS 
(U.S. customers); (703)605-6000 (other countries); fax at (703)321-8547; 
and email at orders@ntis.fedworld.gov. NTIS is located at 5285 Port Royal 
Road, Springfield, VA, 22161, USA. 

NTIS Prices: PC A02/MF A01 

Country of Publication: United States 

Contract No.: AC04-76DP00789 

A primary function of an Intrusion Detection System ( IDS ) is to 
convey system status from remote sensing points to manned collection 
stations. The bulk of these systems rely on communications channels that 
the implemented with physical connections composed of either metallic wire 
or glass fiber. While these channels provide connectivity for the IDS , a 
definite liability resulting from the physical nature of the channels is 
encountered. This liability manifests itself primarily during system 
installation when significant costs arising from labor are encountered. The 
time required to install physical channels is also a liability which may 
prohibit its use in semipermanent or rapidly deployable applications. To 
address these limitations, the Dispersed Integrated Security System 
(DISS) Program has adopted a philosophy of wireless communications links to 
be used where appropriate in conjunction with standard wire- and 
fiber-based systems. When low-cost, rapidly deployable systems are 
required, Radio Frequency (RF) links are offered. DISS RF links are well 
suited for applications ranging from tactical to semipermanent sites. Other 
wireless links being considered for special DISS applications may take 
advantage of narrow-beam 'microwave and infrared technologies. Alongside 
these wireless devices, conventional wire and fiber systems may also be 
used to fulfill critical security requirements. This paper lists the system 
requirements that DISS intends to meet and describes the communications 
equipment that comprises DISS from a hardware and user perspective. System 
capabilities are highlighted in the context of operational scenarios, and 
DISS communications is summarized in the final section. 
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Title: Adaptation techniques for intrusion detection and intrusion 
response systems 

Author: Ragsdale, Daniel J.; Carver, Curtis A. Jr.; Humphries, Jeffrey W. 
; Pooch, Udo W. 

Corporate Source: United States Military Acad, USA 


Conference Title: 2000 IEEE International Conference on Systems, Man and 
Cybernetics 

Conference Location: Nashville, TN, USA Conference Date: 
20001008-20001011 
Sponsor: IEEE 

E.I. Conference No.: 57755 

Source: Proceedings of the IEEE International Conference on Systems, Man 
and Cybernetics v 4 2000. IEEE, Piscataway, NJ, USA, 00CB37166 . p 2344-2349 
Publication Year: 2000 
CODEN: PICYE3 ISSN: 0884-3627 
Language: English 

Document Type: CA; (Conference Article) Treatment: T; (Theoretical) 
Journal Announcement: 0102W2 

Abstract: This paper examines techniques for providing adaptation in 
intrusion detection and intrusion response systems. As attacks on 
computer systems are becoming increasingly numerous and sophisticated, 
there is a growing need for intrusion detection and response systems to 
dynamically adapt to better detect and respond to attacks . The Adaptive 
Hierarchical Agent-based Intrusion Detection System (AHA IDS ) 
provides detection adaptation by adjusting the amount of system resources 
devoted to the task of detecting intrusive activities. This is 
accomplished by dynamically invoking new combinations of lower level 
detection agents in response to changing circumstances and by adjusting the 
confidence associated with these lower-level agents. The Adaptive 
Agent-based Intrusion Response System (AAIRS) provides response adaptation 
by weighting those responses that have been successful in the past over 
those techniques that have not been as successful. As a result, the more 
successful responses are used more often than the less successful 
techniques. It also adapts responses based on the system's belief that 
intrusion detection reports are valid. Intuitively, adaptive detection 
and response systems will provide more robust protection than static, 
non-adaptive systems. (Author abstract) 27 Refs. 
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Title: Intrusion detection in wireless ad-hoc networks 

Author: Zhang, Yongguang; Lee, Wenke 
Corporate Source: HRL Lab, Malibu, CA, USA 

Conference Title: 6th Annual International Conference on Mobile Computing 
and Networking (MOBICOM 2000) 

Conference Location: Boston, MA, USA Conference Date: 20000806-20000811 
Sponsor: ACM SIGMOBILE 
E.I. Conference No.: 57709 

Source: Proceedings of the Annual International Conference on Mobile 
Computing and Networking, MOBICOM 2000. ACM, New York, NY, USA. p 275-283 
Publication Year: 2000 
CODEN: 002378 
Language: English 

Document Type: CA; (Conference Article) Treatment: T; (Theoretical) 
Journal Announcement: 0101W4 

Abstract: As the recent denial-of -service attacks on several major 
Internet sites have shown us, no open computer network is immune from 
intrusions. The wireless ad-hoc network is particularly vulnerable due to 
its features of open medium, dynamic changing topology, cooperative 
algorithms, lack of centralized monitoring and management point, and lack 
of a clear line of defense. Many of the intrusion detection techniques 


developed on a fixed wired network are not applicable in this new 
environment. How to do it differently and effectively is a challenging 
research problem. In this paper, we first examine the vulnerabilities of a 
wireless ad-hoc network, the reason why we need intrusion detection , 
and the reason why the current methods cannot be applied directly. We then 
describe the new intrusion detection and response mechanisms that we 
are developing for wireless ad-hoc networks. (Author abstract) 17 Refs. 
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Title: Proceedings of the 1996 30th IEEE Annual International Carnahan 
Conference on Security Technology 

Author: Sanson, L.D. (Ed.) 

Conference Title: Proceedings of the 1996 30th IEEE Annual International 
Carnahan Conference on Security Technology 

Conference Location: Lexington, KY, USA Conference Date: 
19961002-19961004 

Sponsor: IEEE 

E.I. Conference No.: 45647 

Source: IEEE Annual International Carnahan Conference on Security 
Technology, Proceedings 1996. IEEE, Piscataway, NJ, USA, 96CH35 975 . 256p 
Publication Year: 1996 
CODEN: 85QRAQ 
Language: English 

Document Type: CP; (Conference Proceedings) Treatment: A; 
(Applications); G; (General Review); T; (Theoretical) 
Journal Announcement: 9701W3 

Abstract: The proceedings contains 40 papers from the 1996 IEEE 
International Carnahan Conference on Security Technology. Topics discussed 
include: security systems, closed circuit television (CCTV) systems, image 
processing, sensor data fusion, infrared detectors, synergistic radar 
systems, millimeter wave holography, obstacle avoidance, personnel tracking 
systems, digital mobile communication systems, interconnection networks, 
data security, cryptography, fingerprint identification, facial 
identification, network protocols, access control, intelligent control, 
annunciator systems, security risk assessment and analysis , intruder 
detection systems ( IDS ) , police duty scheduling and earthquake 
prediction systems. 
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Intrusion Detection in grossen Netzen: Mehr Sicherheit durch 
Verteilung? 

Ockl, AB 

RWTH Aachen, D 

Online 2000, 23. Europaeische Congressmesse fuer technische Kommunikation, 

Congress IV: Telekommunikations-Sicherheit & Security Management, 

Duesseldorf , D, 31.01.-03.02.20002000 

Document type: Conference paper Language: German 

Record type: Abstract 

ISBN: 3-89077-209-9 

ABSTRACT: 

Viele Firmen haben nahezu alle wichtigen Daten in ihrem Netzwerk abgelegt, 
so dass der Verlust oder die Veroef f entlichung dieser Daten im schlimmsten 
Fall die Existenz des Unternehmens bedrohen kann. Und trotzdem wird die 
Sicherheit vielerorts vernachlaessigt bzw. unterschaetzt, da Sicherheit 
hohe Kosten ohne sichtbaren Gewinn verursacht. Intrusion Detection 
Systeme erkennen interne und externe Angriffe innerhalb eines Netzwerkes. 
Da moderne Intrusion Detection Systeme dabei als verteilte Systeme 
agieren, nennt man sie auch verteilte Intrusion Detection Systeme. Im 
Gegensatz zu Firewall systeme installieren die gaengigen verteilten 
Intrusion Detection Systeme dabei zur Datensammlung innerhalb des 
Netzwerkes Sensoren, die moeglichst viele Ueberwachungsdaten sammeln. 
Anf orderungen an ein Intrusion Detection System lassen sich aus zwei 
Perspektiven betrachten. Zum einen werden Anf orderungen an die Dienste 
gestellt, die es zum Schutz des zu ueberwachenden Systems bereitstellt . Als 
ueberwachendes System ist das Intrusion Detection System jedoch selbst 
auch Angriffsziel und muss deshalb strengen Schutzanf orderungen genuegen. 
Ausserdem sollte das Intrusion Detection System nach einem Angriff bzw. 
Systemversagen wieder in einen korrekten Ursprungszustand versetzbar sein, 
urn die Ueberwachung fortzusetzen ( Fehlertoleranz des Intrusion Detection 

Systems) . Ausserdem ist zu beachten, dass keine Software fehlerfrei ist, 
also auch das Intrusion Detection System nicht. Da Fehler von Angreifern 
als Angriff spunkte benutzt werden, kann der komplette Schutz durch das 
Intrusion Detection System nicht gewaehrleistet werden. Das sollte in der 
Architektur des Intrusion Detection Systems beruecksichtigt sein. Es 
muss also eingeplant werden, dass Angriffe erfolgreich sein koennen und 
einzelne Teilkomponenten ausf alien bzw. uebernommen werden. Das System 
sollte den Ausfall von Teilkomponenten bzw. Subsystemen verkraften 
koennen (Ausf allsicherheit ) , so dass das Rest system in seinem korrekten 
Ablauf so wenig wie moeglich gestoert wird. Das wird je eher erreicht, je 
weniger das System zentral koordiniert wird und je redundanter bzw. 
ersetzbarer die Komponenten sind. 


